Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 375
  • Last Modified:

Email server rDNS record query

HI there,
I have a client who recently moved premises. We moved the SBS server and re-configured both internal and external IP addresses. I changed the public IP address in their DNS registrars control panel to point to the new public IP address assigned on the new firewall to their mail server. Mail was flowing within 1 hour. So far so good. After approximately 2 weeks the IP address of the gateway router ended up on a spamhous blocklist. From what I could decipher it looks like it was because there is no reverse DNS PTR record. The DNS registrar has told me I need to do this at the server - I have never had to do that before. I have moved many a server in the past and this is the first time this has happened and I am unsure of what to do. The errors in some NDR's include the name of the service provider who supplied the fibre connection. So, where does the reverse lookup record reside? Is it at the DNS registrar? Or the internet service provider? Or directly on the server? If it's on the server do I create a new reverse DNS zone to match the mx record and the IP address? I appreciate any help with this. The client is trying to send out invitations to their grand opening and as you can imagine they are not pleased.
Regards
Gerry
0
murphyge
Asked:
murphyge
  • 4
  • 3
  • 3
  • +1
1 Solution
 
s3e3Commented:
Reverse DNS Resides on the Internet Provider Side. You need to ask them since you do not own that IP address.

In the short term you can also look at using a smart host to relay all the email from exchange server to your ISP's mail server. This works well because the SMART Host will have a clean reverse DNS entry and you don't have to worry about blacklists.
0
 
Ben HartCommented:
s3e3 is not entirely correct.  For example the company I work for.. not huge by any means but we host our own DNS.. our ISP does not control our DNS records.  But you should know if you guys have an externally available DNS/BIND server in house.

Also this is not done on your Exchange server, unless you have the DNS role installed alongside Exchange which Im fairly confident is NOT supported by Microsoft.

However I will agree that if you had NDR's mentioning the provider then it's safe to say that in your case the ISP does host that information.
0
 
s3e3Commented:
Reverse DNS entries are normally managed by the ISP for most customers with a small block of IP addresses. Like I said, a simple phone call to the ISP will be sufficient to get the correct information.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
murphygeAuthor Commented:
Thanks for the feedback both. I have been on to the ISP and logged a ticket with them, there seems to be some confusion about this though, one support guy I spoke to says it's not their responsibility. I will escalate to them again.
Ubadmin - the client does not host his DNS records.
0
 
Ben HartCommented:
Here's hoping you get a TSR who is helpful.
0
 
murphygeAuthor Commented:
Here is the response I got from the support:

Hi,

We currently have an engineer working on this request. The range that the IP address is part of is not set up in a way that we can apply PTR records as we normally do, that is what is causing the delay in this request.

RT: 963837

Regards,

I don't know what to think.
0
 
s3e3Commented:
I would try using the smart host configuration, it's very easy and works well.
Once the rDNS is sorted out you can always switch back.

Search EE for smart host config, it's not hard to accomplish.
0
 
Ben HartCommented:
And you asked them to edit the clients reverse DNS pointers correct?  I can't even take a guess as to how they would normally setup pointers...
0
 
murphygeAuthor Commented:
s3e3 I'll talk to them about using the smart host config.

ubadmin Yes I did.

Thanks again, I'll update tomorrow.
0
 
RickEpnetCommented:
Use a Smarthost much easier. Most of my customers we use a Smarthost. If you have an EC2 server on amazon you can use there SES for free for up to 2000 emails a day.
0
 
murphygeAuthor Commented:
Late Update - issue resolved. The ISP created the record. I just needed to talk to someone in support who knew what they were talking about.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 4
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now